package com.edou.auth.interceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import com.edou.auth.entity.User;
import com.edou.base.constant.SessionConstant;

/**
 * 后台用户登录拦截器
 * @creator     admin
 * @create-time Jun 19, 2015   2:09:07 PM
 * @version 1.0
 */
public class AdminLoginInterceptor  extends HandlerInterceptorAdapter {
	
	@Value("${dev.mode}")
	private String devMode;

	@Override
	public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object handler) throws Exception {
		//判断用户是否登录
		HttpSession session = request.getSession();
		User user = (User) session.getAttribute(SessionConstant.CURRENT_USER);
		if(null == user){
			/* ======== 
			 * 注释人：方泉
			 * 注释日期：2016-06-15
			 * 
			 * 1、不启用开发模式，之前部署项目的时候经常会漏改这个参数，导致后台公开在外网，比较危险；
			 * 2、开发状态下，后台登录一下问题也不大；
			 * 
			 * ======== */
			//判断开发模式
			/*
			if(StringUtils.isNotBlank(devMode) && "true".equals(devMode)){
				user = new User();
				user.setId(SystemConstant.ADMIN_ID);
				user.setName("系统管理员");
				user.setAccount("admin");
				
				session.setAttribute(SessionConstant.CURRENT_USER, user);
				
				return super.preHandle(request, response, handler);
			}
			*/
			
			//判断请求方式
			String requestType = request.getHeader("X-Requested-With");
			if(StringUtils.isNotBlank(requestType) && StringUtils.equals("XMLHttpRequest", requestType)){
				//异步请求
				response.setContentType("text/json;charset=UTF-8");
				response.getWriter().write("{\"status\":\"error\",\"message\":\"登录超时，请重新登录\"}");
				return false;
			}
			/**
			 * 李宁 解决iframe跳出问题
			 */
			response.getWriter().print("<html><script type='text/JavaScript'> top.location.href='"+request.getContextPath()+"/admin/login.htm'</script></html>");
			response.setContentType("text/html");
			//response.sendRedirect(request.getContextPath() + "/admin/login.htm");
			//request.getRequestDispatcher("/admin/logout.htm").forward(request, response); 
			return false;
		}
		
		return super.preHandle(request, response, handler);
	}
	
}
